package com.hy.z.shiro;


import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.hy.z.dto.UserBean;
import com.hy.z.entity.*;
import com.hy.z.mapper.*;
import com.hy.z.service.UserService;
import com.hy.z.utils.JWTUtil;
import io.jsonwebtoken.Claims;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.*;
import java.util.stream.Collectors;

@Slf4j
public class ShiroRealm extends AuthorizingRealm {
    @Autowired
    private UserMapper userMapper;
    @Autowired
    private ResourcesMapper resourcesMapper;
    @Autowired
    private UserRoleMapper userRoleMapper;
    @Autowired
    private RoleResourcesMapper roleResourcesMapper;

    @Override
    public Class<?> getAuthenticationTokenClass() {
        return JwtToken.class;
    }

    /**
     * @return
     * @Description: 认证
     * @author: FengHongYun
     * @Version: 1.0
     * @CreatedDate: 2020/3/6 0:37
     **/
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        JwtToken jwtToken = (JwtToken) authenticationToken;
        String token = (String) jwtToken.getPrincipal();
        UserBean userDto = new UserBean();
        Claims claims = JWTUtil.analyzingToken(token);
//        userDto.setId(Integer.valueOf(claims.getId()));
        userDto.setUserName(claims.getSubject());
        return new SimpleAuthenticationInfo(userDto, Boolean.TRUE, getName());
    }

    /**
     * @return
     * @Description: 授权 调用接口时进行授权检查 注解方式
     * @author: FengHongYun
     * @Version: 1.0
     * @CreatedDate: 2020/3/6 0:37
     **/
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) throws AuthorizationException {
        //获取主凭证信息
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        UserBean userSubject = (UserBean) principalCollection.getPrimaryPrincipal();
        //userName
        User user = userMapper.selectOne(Wrappers.<User>lambdaQuery().eq(User::getUserName, userSubject.getUserName()));
        //主管理由拥有全部权限
        List<Resources> resources;
        if (user.getUserId().intValue() == 1) {
            resources = resourcesMapper.selectList(null);
            Set<String> permissions = resources.stream().map(Resources::getPermission).filter(Objects::nonNull).collect(Collectors.toSet());
            info.addStringPermissions(permissions);
        } else {
            UserRole userRole = userRoleMapper.selectOne(Wrappers.<UserRole>lambdaQuery().eq(UserRole::getUserId, user.getUserId()));
            RoleResources roleResources = roleResourcesMapper.selectOne(Wrappers.<RoleResources>lambdaQuery().eq(RoleResources::getRoleId, userRole.getRoleId()));
            String[] split = roleResources.getResourcesId().split(",");
            resources = resourcesMapper.selectList(Wrappers.<Resources>lambdaQuery().in(Resources::getId, Arrays.asList(split)));
            Set<String> permissions = resources.stream().map(Resources::getPermission).filter(Objects::nonNull).collect(Collectors.toSet());
            info.addStringPermissions(permissions);
        }
        return info;
    }
}
